Abstract Data is one of the most important assets for all types of companies, which have undoubtedly grown their quantity and the ways of exploiting them. Big Data appears in this context as a set of technologies that manage data to obtain information that supports decision-making. These systems were not conceived to be secure, resulting in significant risks that must be controlled. Security risks in Big Data must be analyzed and managed in an appropriate manner to protect the system and secure the information and the data being handled. This paper proposes a risk analysis approach for Big Data environments, which is based on a security analysis methodology called MARISMA (Methodology for the Analysis of Risks on Information System), supported by a technological environment in the cloud (eMARISMA tool) already used by numerous clients. Both MARISMA and eMARISMA are specifically designed to be easily adapted to particular contexts, such as Big Data. Our proposal, called MARISMA-BiDa, is based on the main related standards, such as ISO/IEC 27000 and 31000, or the NIST Big Data reference architecture or ENISA and CSA recommendations for Big Data.

中文翻译：

---

MARISMA-BiDa 模式：大数据的综合风险分析

摘要 数据是各类公司最重要的资产之一，它们的数量和利用方式无疑都在增长。在这种情况下，大数据表现为一组管理数据以获取支持决策的信息的技术。这些系统被认为是不安全的，导致必须控制的重大风险。必须以适当的方式分析和管理大数据中的安全风险，以保护系统并保护正在处理的信息和数据。本文提出了一种针对大数据环境的风险分析方法，该方法基于称为 MARISMA（信息系统风险分析方法）的安全分析方法，并得到已被许多人使用的云中技术环境（eMARISMA 工具）的支持。客户。MARISMA 和 eMARISTA 都经过专门设计，可以轻松适应特定环境，例如大数据。我们的提案名为 MARISMA-BiDa，它基于主要的相关标准，例如 ISO/IEC 27000 和 31000，或 NIST 大数据参考架构或 ENISA 和 CSA 对大数据的建议。